← Back

Esp32 Pico D4 Firmware

esp32-pico-d4_firmware

Vendor: Espressif • 2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2023-35818
1Espressif
22Esp Eye Firmware
Esp32 D0wd V3 FirmwareEsp32 D0wdr2 V3 Firmware+19 more
Nov 21, 2024
Jul 17, 2023
N/A· v4
6.8 MEDIUM· v3
N/A· v2
An issue was discovered on Espressif ESP32 3.0 (ESP32_rev300 ROM) devices. An EMFI attack on ECO3 provides the attacker with a capability to influence the PC value at the CPU context level, regardless of Secure Boot and...Show more
An issue was discovered on Espressif ESP32 3.0 (ESP32_rev300 ROM) devices. An EMFI attack on ECO3 provides the attacker with a capability to influence the PC value at the CPU context level, regardless of Secure Boot and Flash Encryption status. By using this capability, the attacker can exploit another behavior in the chip to gain unauthorized access to the ROM download mode. Access to ROM download mode may be further exploited to read the encrypted flash content in cleartext format or execute stub code.Show less
CVE-2019-17391
1Espressif
4Esp32 D0wd Firmware
Esp32 D2wd FirmwareEsp32 Pico D4 Firmware+1 more
Nov 21, 2024
Nov 14, 2019
N/A· v4
4.6 MEDIUM· v3
2.1 LOW· v2
An issue was discovered in the Espressif ESP32 mask ROM code 2016-06-08 0 through 2. Lack of anti-glitch mitigations in the first stage bootloader of the ESP32 chip allows an attacker (with physical access to the device)...Show more
An issue was discovered in the Espressif ESP32 mask ROM code 2016-06-08 0 through 2. Lack of anti-glitch mitigations in the first stage bootloader of the ESP32 chip allows an attacker (with physical access to the device) to read the contents of read-protected eFuses, such as flash encryption and secure boot keys, by injecting a glitch into the power supply of the chip shortly after reset.Show less